Slashdot Mirror

← Back to Stories (view on slashdot.org)

Bernstein Back in Court

Posted by Hemos on from the hear-the-case-again dept.

William Tanksley send us the story that Bernstein, who's case against the United States resulted in a three judge panel over-turning the US laws regarding exportation of cryptography software. At the request of the DOJ, a full Court of Appeals will rehear the case. Here's to hoping that the full court follows the advice of the panel.

12 of 140 comments (clear)

  1. No, not pointless. Just evil. by jcr · · Score: 3

    The point of the crypto export laws is to prevent crypto fromm becoming something that we all have, without having to go to the effort to find it on the net and install it. As long as the US government continutes to be a pain in the arse to anyone who wants to make privacy a standard feature of operating systems and communications software, then *most* communications will continue to be sent in the clear. The REAL purpose of prohibiting strong crypto, is to make it easier for governments to commit crimes against law-abiding citizens. -jcr

    --
    The only title of honor that a tyrant can grant is "Enemy of the State."
  2. Once Again, Society/Government Can Go Pound Sand by Alex+Pennace · · Score: 3

    Exactly what is the United States government trying to accomplish here? Pro-active crime prevention by outlawing these "criminal tools?" We already learned this lesson from gun control, the bad guys have the crypto anyway. In a peverse sense, the government will settle for as many "law abiding" citizens as possible to march off like lemmings to a totalitarian future.

    As I mentioned earlier, data sitting around on your hard drive is harmful to no one, so why does the society at large need to look at it? Putting data on one's hard drive beyond the purview of society stands as a check for the individual against society at large. I didn't touch upon freedom of speech with respect to cryptography, which I will do now.

    Freedom of speech isn't perfect. For example, I can't send out company secrets to a competitor. Where does cryptography fit in? While cryptography may be used in the capacity of exchanging trade secrets, it doesn't address the fact that sooner or later the competing company is going to release a product based on those services, and enough evidence will be available to track down those resposible, cryptography or not.

    In spite of the government's paranoia, cryptography, as used in criminal activities, is really only a small element. For every "actual" crime (read: not thought crimes) there will be plenty of physical evidence for forensic wizards to ascertain not only the identity of the suspects but also the last time they wet their beds.

    In a nutshell, an individual's ability to deploy encryption is more important than the off chance that some real crime goes unsolved due to lack of other evidence.

  3. Re:U.S. Government headed the wrong way by Anonymous Coward · · Score: 4

    I've visited police states. Chile under the early years of Pinochet. The cops on the corner have uzis and there is no radio station except the government station and there is a 1 AM curfew which is enforced by the military going up and down the streets with jeeps and APC's with 50 caliber machine guns mounted on the back. If your wife goes into labor at 2 AM you have to call the military to come get her but they usually don't come. If you try to drive her to the hospital yourself they will shoot you. This actually happened while I was there.

    By the way, this government was put into power by the CIA under the instructions of R. Nixon.

    The price of freedom is eternal vigilance. If you don't like what the government is doing let you elected representatives know about it. Support organizations like the ACLU. Watch the voting record of the people you elect. The people on /. complain a lot about the government, but they also fit the profile of the most politically apathetic segment of the US, Gen X & Y. If you lose what Jefferson and the other founders built IT IS YOUR FAULT.

    Last year I worked for a congressional campaign to unseat a radical conservative who had voted for 8 constitutional amendments during his term. These amendments included a ban on flag buring, a ban on abortion even if cases of rape incest or if the mother's life was threatened, and a override on the school prayer issue. In my opinion this was a totally outrageous assault on the fundamental rights of all Americans.

    DO YOU KNOW WHAT YOUR CONGRESSMAN IS VOTING FOR?? Do you check his voting record??? DO you let him know about issues like the crypto problem?

  4. Re:... by Signal+11 · · Score: 3
    Unlike forcing you to yield to them entering your house, nobody can force you to let them into your data. That's the wonderful part about computers, and part of the reason I guard my pc at home so vigorously.

    They can simply subdue you if you refuse the warrant - but what are they gonna do to your computer? Inject it with truth serum? Ha! Good luck. It'll be a long, long time before the government can crack the security I have available at my fingertips right now.

    Personally, I've given up on law enforcement - they've made too many mistakes for me to trust them to "serve and protect" anymore. I have decided that I will not cooperate with government or law in any fashion until they can prove (to MY satisfaction) their motives and intent. They're simply too untrustworthy - I would trust a bum on a street corner more readily than our so-called justice system.

    It's a sad state of affairs - and the only long-term solution I can see is to return the power to the average citizen, rather than allow a corrupt few to share it amongst themselves. We need to bring back the right to bear arms, we need to create a public-review (NOT peer review) system that officers are subject to, and we need them to be tried for their crimes. In short, we need accountability. And privacy would be nice too.

    --

  5. The artifical line between speech and information by Hobbex · · Score: 3

    I wouldn't put my hopes about a solution for to the crypto issue from this process: it just won't happen. The american regime has decided to show its true face in this issue, and will continue to fight this freedom no matter what the court decides.

    Victory in the crypto battle can not, and will not, come through traditional law.

    However, the more frightening issue here is what this court is actually supposed to decide, namely, what is speech? Current human rights of free speech come from an age when speech WAS information, and information WAS speech. But, because technology has evolved to the point where most communication is machine to machine, we have (thanks to our unenlightened leadership) gotten a double standard where some information produced by humans is speech, and some is not.

    So now They are trying to decide whether the form of information we call source code should be protected as speech. To those of us whose thoughts are often recorded as source code rather than speech or text, the fact that this should ever be in doubt about this seems horribly prejudice. I wonder if a single of the judges in that court has ever written a line of code or has ANY insight on the amount of creativity inherant to programming.

    Actually I don't wonder. I'm pretty sure I know the answer.

    And of course it goes further. If source code is speech, tell me why machine code is not? Is it because its doubtful that I be able to find any meaning in machine code myself? Then exactly what are the standards by which information attains "meaning" enough to be speech? Could I have them on paper so I know for the future?

    -
    /. is like a steer's horns, a point here, a point there and a lot of bull in between.

  6. ... by Signal+11 · · Score: 3
    Does it matter? Consider the following:

    Crypto is outlawed. Given the current state of law enforcement, I don't really think we have anything to worry about - they can't even keep track of the script kiddies right now. Later on, provided they do get their act together, anybody wishing to practice civil disobedience can send "look-alike" PGP messages. Just cat the output of /dev/urandom to uuencode, strip off some of the header and footer info, and put "-- BEGIN PGP SIGNED MESSAGE --" at the top of yours. Looks authentic.. but it isn't crypto.

    Here's the other problem with outlawing crypto - do 'ya think the DoJ is gonna convince the 230 some odd countries around the world to agree with them and do the same? Not likely. So all you need to do is route network traffic through one of the countries that DOES allow crypto.

    Let's assume now they DO allow crypto. US companies rejoyce, e-commerce in this country gets a shot in the arm, and the stock market people are happy. Do 'ya think the DoJ is stupid enough not to realize they're gonna piss off *ALOT* of companies and investors by outlawing cryptography? Yeah.. my thoughts exactly.



    --

    1. Re:... by Signal+11 · · Score: 3
      When they realize that the frightening thing is that they'd probably like to respond like Britian just did, and say that you have to decrypt anything they want you too. Never mind how illogical this is.

      Or illegal. It violates the 5th amendment protections of the constitution. Somehow I sincerely doubt that any law enforcement agency has the necessary clout to push through the removal of that amendment.

      Let the legal system dance and run to and fro like a chicken with it's head cut off. It won't be too long before the futility of the situation dawns on them. In this respect, think of them as the ominous "Management" - claims credit for the rain, saying that it controls the weather.. but not for the subsequent drought, which it blames on the 'criminal element'.

      --

  7. ... by Signal+11 · · Score: 4
    A thought just occurred to me - even if they outlaw crypto.. how to you define what cryptography is?

    Foo Blargle Me Noitzen!

    What did I just say? It could have been non-sense... or it could have been a one-time cipher I'm using between me and a friend of mine to tell him I want his mp3 collection.

    If you outlaw crypto.. the crypto experts will simply design a new system that doesn't *look* like crypto. Steganography(sp?) anyone? No officer, that REALLY IS a jpeg of pamela lee I posted to my friend... it REALLY DOESN'T contain the nuke codes for all the missle installations in North Dakota. :^)

    The way I see it - this'll turn into another 'war on drugs' - with the only losers being the common citizen. We'll lose what (very little) civil rights we have remaining.. and will have gained nothing for it.

    --

  8. Analogy by TheBeginner · · Score: 5
    Sometimes I feel like the war against cryptography exportation is a lot like the war on drugs. The American government fights and fights against it on the grounds that it could fall into the hands of terrorists or hostile governments, just as in the war on drugs, the government fights to stop drugs from entering the marketplace as a whole.

    But in both cases, it is completely ineffectual. Let's face it, we are doing as good a job keeping our cryptography methods secret as we are preventing drugs from crossing the border. In both cases, we are going about it the wrong way. In the case of drugs, the government causes an increase in crime, inflates the prices of drugs, and spends billions of dollars while only stopping a small percentage of the actual trafficking. In the war against crypto exportation, yes, the government is keeping our "secrets" from falling into the hands of the world at large, but is it keeping it from those that it claims are the problem?

    Do any of us really believe that just because there is no official exportation, that anything on the U.S. market is still secure from high-powered foriegn organizations, be they countries or terrorists? In fact, they are the ones most likely to get whatever the software they want. Hell, if they can smuggle American missiles out of the country from "secure" military bases, how hard is it to steal software?

    Once again, the U.S. government is costing the American cryptography industry a phenomenal amount of money by not allowing exportation (even though they do now, this is in the case of the ruling being overturned) while still not keeping the information from the "enemies." It is a backwards approach to the problem.

    While it is nice to be moral and an upright country (relatively), the majority of the world is not. Those who want the crypto information can get it, and those who can pay for it can not. Is that really the solution?

    Thus, as does the majority of Slashdot, I hope that this ruling stands.

    --
    14 digits of Pi are all we need.
  9. Re:Are Crypto Laws Really that Big of a Deal? by Millennium · · Score: 3

    It's not a sign that the government is collapsing; it isn't. But they're afraid that crypto could very easily pave the way for their collapse, and they have a damn good reason to fear that.

    The government claims that criminals will use encryption to hide their plans from the poice. Interesting theory, and true in some aspects, but they forget two things:
    1) Most criminals don't know how to use encryption. Hell, most people don't know how to use it; encryption software is not known for its ease of use.
    2) Those who would use it are going to use it anyway. Most criminals already get their stuff by illegal means; legal ones are too easy to trace (guns are a big example of this, and it's why I don't believe gun control works).

    Now, I do find it interesting that even the loosened export restrictions bar the posting of crypto source online. In other words, US citizens still won't be able to work on Open-Source crypto (or any other crypto with even one person on the team who's not in the US, because the only practical way to get the source to that person is via the Net). The government sure knows how to make enemies out of the very people it's trying to court...

  10. This is the qmail author by rsidd · · Score: 5

    Since nobody's mentioned it so far... Dan Bernstein is the author of
    qmail, ezmlm, and lots of other great software. Anyone who
    has read the qmail docs or his webpage
    will know that he places security above anything else, doesn't
    mince his words, and doesn't hesitate to be a nonconformist
    (eg, running his web site with his own secure anonymous
    FTP server, rather than a http server...)

    He's probably among the best possible people for this case.

  11. The DoJ's inforcment of crypto laws is treason.. by Weezul · · Score: 4

    The executive branch (NSA, DoJ, etc.) don't really care that people *can* get encryption.. They are happy with just making it hard for people to get encryption and suppressing public intrest and research in it. Example: PGP is not that big a threat to them since they can always obtain the keys through some legal action (the 5th ammendment says that you should not be required to divulge your keys, but I believe there are ways arround this), they could get a court order to wire tap your computer, and PGP only protects a limited class of communications. What they are really scared of is mass use cryptography. Just imagine if everyone carried a miniture computer on a card with them to do encryption (i.e. your private key never leaves the card and you type your password into the card directly). We could even use a stenographic filesystem on the card which would make it impossible to prove that you had hidden data which you were not revealing.

    This kind of system would be great, everyone would opnly need a few passwords and there would be much less hacking and fraud (example: all hacking based on social engenering would stop since no one knows a password to anything but the cary they carry), but the gov. would rather indanger US buisnesses and finantial infrastructure then allow people to protect themselves. Can anybody say treason.

    Now, it seems that they are willing to throw corperations a bone so long as open source cryptography dosn't spread to fast and the people are still kept in the dark.

    Solutions: A good way to fight the U.S. policies is to incurage the development of cryptography in other countries. U.S. citizens who want to work on crypto sould be incuraged to move to less repressive countries and other countries should be incurages to make life easier for crypto development and implementation. Also, we need to make it less profitable for the gov. to keep encryption hardware out of circulation. I think the two big steps here would be installing encryption into all the internet fone programs and writing crypto software for PDAs to allow them so surve as login devices. It would be really cool if one of these PDA-Cellphones would be powerful enough to be turnned into a PGP fone through software.

    I think there is also a lot we can do to make it easier to install cryptography on Linux. It would be really nice if some Denbian and RedHat people would maintain cryptography enabled packages with were always up to date and easy to install (replay and people tend to lag behind in versions) and if the post install email to root or whatever would include an explination of how to download and install the replacment packages. It would also be nice if RedHat would have seperate US and international versions of it's CD. Plus, SSH, Apache-SSL, the JavaSSH client, an encrypted digital fone program, and software to use a PDA as a login device would give many people a reason to buy the CD.

    Jeff

    --
    The Christian religion has been and still is the principal enemy of moral progress in the world. -- Bertrand Russell